Docs Menu

Docs HomeDevelop ApplicationsMongoDB Manual

Install MongoDB Enterprise Edition on Red Hat or CentOS

On this page

  • Overview
  • Considerations
  • Install MongoDB Enterprise Edition
  • Run MongoDB Enterprise Edition
  • Uninstall MongoDB
  • Additional Information

Note

MongoDB Atlas

MongoDB Atlas is a hosted MongoDB service option in the cloud which requires no installation overhead and offers a free tier to get started.

Use this tutorial to install MongoDB 7.0 Enterprise Edition on Red Hat Enterprise Linux, CentOS Linux, or Oracle Linux [1] using the yum package manager.

MongoDB Enterprise Edition is available on select platforms and contains support for several features related to security and monitoring.

This tutorial installs MongoDB 7.0 Enterprise Edition. To install a different version of MongoDB Enterprise, use the version drop-down menu in the upper-left corner of this page to select the documentation for that version.

MongoDB 7.0 Enterprise Edition supports the following 64-bit versions of Red Hat Enterprise Linux (RHEL), CentOS Linux, Oracle Linux [1], Rocky Linux, and AlmaLinux [2] on x86_64 architecture:

  • RHEL / CentOS Stream / Oracle / Rocky / AlmaLinux 9

  • RHEL / CentOS Stream / Oracle / Rocky / AlmaLinux 8

  • RHEL / CentOS / Oracle 7

MongoDB only supports the 64-bit versions of these platforms.

MongoDB 7.0 Enterprise Edition on RHEL / CentOS / Oracle / Rocky / Alma Linux also supports the ARM64 architecture on select platforms.

See Platform Support for more information.

[1](1, 2) MongoDB only supports Oracle Linux running the Red Hat Compatible Kernel (RHCK). MongoDB does not support the Unbreakable Enterprise Kernel (UEK).
[2] MongoDB on-premises products released for RHEL version 8.0+ are compatible with and supported on Rocky Linux version 8.0+ and AlmaLinux version 8.0+, contingent upon those distributions meeting their obligation to deliver full RHEL compatibility.

Before deploying MongoDB in a production environment, consider the Production Notes document which offers performance considerations and configuration recommendations for production MongoDB deployments.

Follow these steps to install MongoDB Enterprise Edition using the yum package manager.

1

Create an /etc/yum.repos.d/mongodb-enterprise-7.0.repo file so that you can install MongoDB Enterprise directly using yum:

Note

If you have a mongodb-enterprise.repo file in this directory from a previous installation of MongoDB, you should remove it. Use the mongodb-enterprise-7.0.repo file above to install MongoDB 7.0.

You can also download the .rpm files directly from the MongoDB repository. Downloads are organized by Red Hat / CentOS version (e.g. 9), then MongoDB release version (e.g. 7.0), then architecture (e.g. x86_64).

Prior to MongoDB 5.0, odd-numbered MongoDB release versions, such as 4.3, were development releases. Beginning with MongoDB 5.1, MongoDB has quarterly rapid releases. For more information on the differences between rapid and long-term support releases, see MongoDB Versioning.

2

Issue the following command:

sudo yum install -y mongodb-enterprise

To install a specific release, you must specify each component package individually along with the version number, as in the following example:

sudo yum install -y mongodb-enterprise-7.0.6 mongodb-enterprise-database-7.0.6 mongodb-enterprise-server-7.0.6 mongodb-mongosh-7.0.6 mongodb-enterprise-mongos-7.0.6 mongodb-enterprise-tools-7.0.6

If you only install mongodb-enterprise=7.0.6 and do not include the component packages, the latest version of each MongoDB package will be installed regardless of what version you specified.

Although you can specify any available version of MongoDB Enterprise, yum upgrades the packages when a newer version becomes available. To prevent unintended upgrades, pin the package by adding the following exclude directive to your /etc/yum.conf file:

exclude=mongodb-enterprise,mongodb-enterprise-database,mongodb-enterprise-server,mongodb-enterprise-shell,mongodb-enterprise-mongos,mongodb-enterprise-tools

Note

You can also install the MongoDB Shell that uses the system's OpenSSL. You must have already installed OpenSSL on your system before installing this version of the MongoDB Shell.

You can install all of the MongoDB Enterprise packages and the MongoDB Shell that uses the system's OpenSSL without removing the MongoDB Shell first. For example:

sudo yum install -y mongodb-enterprise mongodb-mongosh-shared-openssl11

The following example removes the MongoDB Shell and then installs the MongoDB Shell that uses the system's OpenSSL 1.1:

sudo yum remove -y mongodb-mongosh && sudo yum install -y
mongodb-mongosh-shared-openssl11

The following example removes the MongoDB Shell and then installs the MongoDB Shell that uses the system's OpenSSL 3:

sudo yum remove -y mongodb-mongosh && sudo yum install -y
mongodb-mongosh-shared-openssl3

You can also choose the MongoDB packages to install.

The following example installs MongoDB Enterprise and tools, and the MongoDB Shell that uses the system's OpenSSL 1.1:

sudo yum install -y mongodb-enterprise-database
mongodb-enterprise-tools mongodb-mongosh-shared-openssl11

The following example installs MongoDB Enterprise and tools, and the MongoDB Shell that uses the system's OpenSSL 3:

sudo yum install -y mongodb-enterprise-database
mongodb-enterprise-tools mongodb-mongosh-shared-openssl3

Most Unix-like operating systems limit the system resources that a process may use. These limits may negatively impact MongoDB operation, and should be adjusted. See UNIX ulimit Settings for the recommended settings for your platform.

Note

Starting in MongoDB 4.4, a startup error is generated if the ulimit value for number of open files is under 64000.

By default, MongoDB runs using the mongod user account and uses the following default directories:

  • /var/lib/mongo (the data directory)

  • /var/log/mongodb (the log directory)

The package manager creates the default directories during installation. The owner and group name are mongod.

To use a data directory and/or log directory other than the default directories:

  1. Create the new directory or directories.

  2. Edit the configuration file /etc/mongod.conf and modify the following fields accordingly:

    • storage.dbPath to specify a new data directory path (e.g. /some/data/directory)

    • systemLog.path to specify a new log file path (e.g. /some/log/directory/mongod.log)

  3. Ensure that the user running MongoDB has access to the directory or directories:

    sudo chown -R mongod:mongod <directory>

    If you change the user that runs the MongoDB process, you must give the new user access to these directories.

  4. Configure SELinux if enforced. See Configure SELinux.

Starting in MongoDB 5.0, a new SELinux policy is available for MongoDB installations that:

  • Use an .rpm installer.

  • Use default configuration settings.

  • Run on RHEL7 or later.

For MongoDB Enterprise installations that use LDAP authentication, the following additional SELinux policies must be in place:

  • For deployments that use LDAP authentication via OS libraries, MongoDB must have access to the tcontext=system_u:object_r:ldap_port_t:s0 LDAP ports. You can enable access by running setsebool -P authlogin_nsswitch_use_ldap 1.

  • For deployments that use LDAP authentication via saslauthd, you must enable cluster mode by running sudo setsebool -P daemons_enable_cluster_mode 1.

If your installation does not meet these requirements, refer to the SELinux Instructions for .tgz packages.

Note

If your MongoDB deployment uses custom settings for any of the following:

You cannot use the MongoDB supplied SELinux policy. An alternative is to create a custom SELinux policy, however an improperly written custom policy may be less secure or may stop your mongod instance from working.

  1. Ensure you have the following packages installed:

    • git

    • make

    • checkpolicy

    • policycoreutils

    • selinux-policy-devel

    sudo yum install git make checkpolicy policycoreutils selinux-policy-devel
  2. Download the policy repository.

    git clone https://github.com/mongodb/mongodb-selinux
  3. Build the policy.

    cd mongodb-selinux
    make
  4. Apply the policy.

    sudo make install

Important

Backward-Incompatible Feature

Starting in MongoDB 5.1, you must run the following command from the directory into which the SELinux policy was previously cloned before you can downgrade to an earlier MongoDB version:

sudo make uninstall

Follow these steps to run MongoDB Enterprise Edition on your system. These instructions assume that you are using the default settings.

Init System

To run and manage your mongod process, you will be using your operating system's built-in init system. Recent versions of Linux tend to use systemd (which uses the systemctl command), while older versions of Linux tend to use System V init (which uses the service command).

If you are unsure which init system your platform uses, run the following command:

ps --no-headers -o comm 1

Then select the appropriate tab below based on the result:

  • systemd - select the systemd (systemctl) tab below.

  • init - select the System V Init (service) tab below.


To completely remove MongoDB from a system, you must remove the MongoDB applications themselves, the configuration files, and any directories containing data and logs. The following section guides you through the necessary steps.

Warning

This process will completely remove MongoDB, its configuration, and all databases. This process is not reversible, so ensure that all of your configuration and data is backed up before proceeding.

1

Stop the mongod process by issuing the following command:

sudo service mongod stop
2

Remove any MongoDB packages that you had previously installed.

sudo yum erase $(rpm -qa | grep mongodb-enterprise)
3

Remove MongoDB databases and log files.

sudo rm -r /var/log/mongodb
sudo rm -r /var/lib/mongo

By default, MongoDB launches with bindIp set to 127.0.0.1, which binds to the localhost network interface. This means that the mongod can only accept connections from clients that are running on the same machine. Remote clients will not be able to connect to the mongod, and the mongod will not be able to initialize a replica set unless this value is set to a valid network interface which is accessible from the remote clients.

This value can be configured either:

  • in the MongoDB configuration file with bindIp, or

  • via the command-line argument --bind_ip

Warning

Before you bind your instance to a publicly-accessible IP address, you must secure your cluster from unauthorized access. For a complete list of security recommendations, see Security Checklist. At minimum, consider enabling authentication and hardening network infrastructure.

For more information on configuring bindIp, see IP Binding.

MongoDB Enterprise Edition is available from its own dedicated repository, and contains the following officially-supported packages:

Package Name
Description
mongodb-enterprise
A metapackage that automatically installs the component packages listed below.
mongodb-enterprise-database

A metapackage that automatically installs the component packages listed below.

Package Name
Description
mongodb-enterprise-server
Contains the mongod daemon and associated configuration and init scripts.
mongodb-enterprise-mongos
Contains the mongos daemon.
mongodb-enterprise-cryptd
Contains the mongocryptd binary
mongodb-mongosh
Contains the MongoDB Shell (mongosh).
mongodb-shared-openssl*
Contains the MongoDB Shell that uses the OpenSSL version already installed on your computer (mongosh).
mongodb-enterprise-tools

A metapackage that automatically installs the component packages listed below:

Package Name
Description
mongodb-database-tools
mongodb-enterprise-database-tools-extra

Contains the following MongoDB support tools:

←  Install MongoDB Enterprise on LinuxInstall MongoDB Enterprise on Red Hat or CentOS using .tgz Tarball →